??4Cdemo@@QAEAAV0@ABV0@@Z
RegisterModule
Static task
static1
Behavioral task
behavioral1
Sample
4bf335591271b6713302251d197a8ab3d2dd31ff9124fbac62b3293ed43392b5.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
4bf335591271b6713302251d197a8ab3d2dd31ff9124fbac62b3293ed43392b5.dll
Resource
win10v2004-20240802-en
Target
4bf335591271b6713302251d197a8ab3d2dd31ff9124fbac62b3293ed43392b5
Size
109KB
MD5
d4c07d10f8423862c05526cc63329902
SHA1
ab7fcb32c2a9172dbf784b8e1721002ef5e24387
SHA256
4bf335591271b6713302251d197a8ab3d2dd31ff9124fbac62b3293ed43392b5
SHA512
fc9267af6dab50bf92b3605b218cbc35f5eedb76c0c0bb2b68338260a8d6a3f2851bf5fab7de41c0cc42056ab79f496ba5cc0f0907da9a515f9e32099ad01421
SSDEEP
1536:PJG9KSGM+bW37wSuvH+GQULXMfQlNHMaqDHrz4LlXRg3GqG7XLzFwrqGYJa7763l:PJ80hSkruHrER+Gq+FwrwJ47hxB
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
Checks for missing Authenticode signature.
resource |
---|
4bf335591271b6713302251d197a8ab3d2dd31ff9124fbac62b3293ed43392b5 |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
??4Cdemo@@QAEAAV0@ABV0@@Z
RegisterModule
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE